News
CyberArk publishes high-risk Windows RDP vuln - Patch Tuesday
January 2022 by CyberArk
Today, CyberArk Labs published new research detailing a vulnerability in Windows Remote Desktop Protocol (RDP) that allows any user connected to a remote machine via RDP to access the client machines of other connected users - creating considerable risk for any organisation using the protocol.
Once the vulnerability is exploited, an attacker can execute a man-in-the-middle attack, allowing them to view/modify clipboard data of other connected users, access victim drives/folders or even impersonate the identity of other users logged on to the machine using smart cards – currently used to access clinal systems through NHS Digital, amongst other public sector services.
CyberArk researchers were able to execute the vulnerability by developing a tool that abuses the virtual channels Windows RDP uses to communicate between the server and client from within the remote machine.
